#!/bin/bash

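# Password-hygiene audit helper: reports whether the LDAP account for the
# given uid still accepts its own uid as the password.
#
# Usage:   <script> <uid>
# Output:  exactly one verdict line on stdout; diagnostics go to stderr.
# Exit:    1 when no uid is given or the uid does not resolve to exactly one
#          entry with a plain "dn: uid=..." line; 0 once a verdict is printed.
#
# Security notes for operators:
#  - The search binds as the directory Manager. The search only needs read
#    access to dn/cn, so a read-only service account would be enough;
#    consider replacing binddn accordingly.
#  - "$pwdfile" holds that bind password. ldapsearch -y uses the complete file
#    contents as the password, so keep it owner-readable only and without a
#    trailing newline.
#  - -x is a simple bind. Whether it is protected in transit depends on the
#    client configuration (not visible in this script): make sure the
#    configured URI is ldaps:// or require StartTLS with -ZZ.
#  - Every run performs one real bind attempt as the audited account. Where a
#    lockout policy is enforced, a failed attempt presumably counts towards
#    it, so schedule bulk runs with that in mind.
uid=${1-}
binddn='cn=Manager,dc=jhc,dc=cn'
pwdfile=~/.ldappwd
basedn='dc=jhc,dc=cn'

# An empty uid would produce the filter "(uid=)" and later an empty -w
# password, which many servers treat as an anonymous bind rather than as an
# authentication attempt.
if [[ -z "$uid" ]]; then
    printf 'usage: %s <uid>\n' "${0##*/}" >&2
    exit 1
fi

# Escape the RFC 4515 filter metacharacters so the argument is always matched
# as a literal uid value and can never alter the structure of the filter
# (for example, a bare "*" would otherwise match every account).
filter_uid=${uid//\\/\\5c}
filter_uid=${filter_uid//\*/\\2a}
filter_uid=${filter_uid//\(/\\28}
filter_uid=${filter_uid//\)/\\29}

# Query once and reuse the result instead of running the same search three
# times. Only cn is requested, so no other attributes (password hashes in
# particular) are pulled over the privileged bind. ldif-wrap=no keeps long
# DNs and base64 values on a single line; without it a wrapped value would be
# silently truncated by the line-based parsing below.
entry=$(ldapsearch -x -y "$pwdfile" -D "$binddn" -b "$basedn" -s sub \
    -o ldif-wrap=no "(uid=${filter_uid})" cn)

# Require exactly one match. The trailing "$" matters: without it the pattern
# also accepts 10, 11, ... entries.
if ! grep -q '^# numEntries: 1$' <<<"$entry"; then
    exit 1
fi

uiddn=$(sed -n 's/^dn: \(uid=.*\)$/\1/p' <<<"$entry")
if [[ -z "$uiddn" ]]; then
    # Covers base64-encoded DNs ("dn:: ") and entries whose RDN is not uid=;
    # binding with an empty DN would test an anonymous bind, not the account.
    printf '%s: no plain "dn: uid=..." line returned for %s\n' "${0##*/}" "$uid" >&2
    exit 1
fi

# LDIF prints cn as "cn: value" for plain ASCII and "cn:: base64" otherwise;
# handle both so ASCII names are not reported as empty. The first cn wins.
cn_line=$(grep -m1 -E '^cn::? ' <<<"$entry")
case "$cn_line" in
    'cn:: '*) username=$(printf '%s' "${cn_line#cn:: }" | base64 -d) ;;
    'cn: '*)  username=${cn_line#cn: } ;;
    *)        username='' ;;
esac

# Try to bind as the user with the uid as password. The candidate password is
# passed on the command line (-w) and is therefore visible in the process
# list; acceptable here only because it is the uid itself, not a secret.
# ldapwhoami's own diagnostics are left on stderr so stdout carries only the
# verdict line.
whoami_out=$(ldapwhoami -x -D "$uiddn" -w "$uid")

# Literal prefix comparison (the quoted part of the pattern is not treated as
# a glob), so characters such as "." in the DN cannot act as wildcards.
if [[ "$whoami_out" == "dn:${uiddn}"* ]]; then
    printf '%s %s has same password as uid.\n' "$uid" "$username"
else
    # NOTE(review): any bind failure lands here, including an unreachable
    # server or a locked account; check stderr before trusting this verdict.
    printf '%s %s has changed his password.\n' "$uid" "$username"
fi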
